Should Accused Student Cyberbullies Be Forced to Surrender Social Media Passwords?

By Rajendra Persaud*

In Illinois, school districts may have the power to obtain social media passwords from rule-breaking students.  In January 2015, the Triad Community Unit School District #2 sent a letter to students’ homes that indicated students may be asked to relinquish social media passwords under certain circumstances.[1]  While the limit of “certain circumstances” remains unclear, administrators have attempted to shed light on the matter by citing bullying as a primary concern for their authority.[2]  In response, State Representative Laura Fine assured the public that the bill would not allow schools to require that students hand over social media passwords.[3]  Is this statement a true reflection of the law, or did Representative Fine make the statement in a futile attempt to put the press at ease? Fine’s statement runs contrary to a plain text reading of the statute in question:

An elementary or secondary school must provide notification to the student and his or her parent or guardian that the elementary or secondary school may request or require a student to provide a password or other related account information in order to gain access to the student’s account or profile on a social networking website if the elementary or secondary school has reasonable cause to believe that the student’s account on a social networking website contains evidence that the student has violated a school disciplinary rule or policy.  The notification must be published in the elementary or secondary school’s disciplinary rules, policies, or handbook or communicated by similar means.[4]

While students have some constitutionally protected speech rights at school,[5] the extent of public school authority over acts beyond the classroom remains unclear.

In recent years, school administrative decisions have come under attack more frequently, and courts are displaying less deference to previously-sanctified school boards and employees.[6]  In accordance with this ongoing trend, a student should not have to surrender his or her password at the whim of a school administrative decision.  Adolescents are at varying stages of puberty and struggle to understand their emotions, hormones, judgment, and identity.[7]  Their physical immaturity makes them unable to appreciate the consequences of their actions the way that adults can. [8] While the Illinois law may help uncover information relating to suspected cyberbullying, sensitive information regarding a student’s personal health, well-being, and sexual orientation may become uncovered as well.  Embarrassment stemming from a false allegation or unexpected discovery has the potential to affect the psychological development of a wrongly accused individual.

Cyberbullying is defined as the “willful and repeated harm inflicted through the use of computers, cell phones, and other electronic devices.”[9]  First Amendment protections are rarely granted to “low value” categories of speech because this speech does not add or contribute to the marketplace of ideas;[10] rather, typical categories of low value speech intend to harm, offend, or cater to some prurient interest.  The words that constitute cyberbullying should be considered low value speech because they are “no essential part of any exposition of ideas, and are of such slight social value as a step to truth that any benefit that may be derived from them is clearly outweighed by the social interest in order and morality.”[11]  Cyberbullying speech presents low value content because it is usually targeted at an individual for the purpose of inflicting psychological damage by means of embarrassment or harassment.  The proliferation of social media interactions amongst pre-teens and teenagers both inside and beyond the confines of the school presents serious issues that courts have not previously confronted.

Some critics of anti-cyberbullying legislation posit that since communications are transmitted remotely, no threat of serious harm can immediately manifest.  This is simply not true because members of Generation-Y must engage in social media interactions as part of that growing American culture.[12]  The communications may be transmitted remotely, but the effects are local.  For instance, a naked or embarrassing picture of an individual transmitted online can transcend virtual reality and translate into physical bullying or local harassment on school grounds.  While opponents to cyberbullying legislation continue to ignore the realities of cyberbullying by offering simple solutions[13] to a growingly complex issue, recent suicides resulting from cyberbullying illustrate just how serious the problem has become.[14]  While students have privacy interests, school administrators should have an alternative avenue for punishing cyber threats[15] that affect other individuals.  Schools that do nothing in response to reports of cyberbullying risk failing to protect a victimized student, and may also suffer a lawsuit initiated by the student’s parents.[16]  It is critical for schools to respond to cyber threats in a timely manner because deference to a school’s decision has eroded over time.  Under the time-honored doctrine in loco parentis, courts were previously reluctant to review school decisions, as the student was considered a child under the jurisdiction of the school, which was essentially the parent in the absence of the child’s true parent or guardian.[17]  This has changed as suits against schools have increased and the rights of individual students have expanded.

Cyberbullying has resulted in an alarming number of suicides since it has been taken seriously as a form of antisocial behavior.  School bullying includes physical, verbal, psychological, or intimidatory elements intended to cause fear, distress, or harm to the victim.[18]  Cyberbullying ranges from sending vulgar language online to breaking into someone’s social media account to impersonate them, and even to sinisterly tricking someone into revealing sensitive information for the purpose of sharing that information with others.[19]  Like gang attacks, cyberbullying can be an intensified version of school bullying because multiple individuals can engage in an attack on the same victim at the same time without provocation and from remote locations.  Humiliating pictures, whether altered or authentic, can be seamlessly generated and disseminated to both local classmates and unknown observers without notice to the victim.  Once the content is released, these pictures and videos can be impossible to erase if users download the content and transfer the media to remote data storage devices, like external hard-drives or thumb drives.[20]  Forty-three percent of teens have been victims of cyberbullying in the last year.[21]  A recent study found victims of cyberbullying to be nearly twice as likely to have attempted suicide compared to peers who did not experience cyberbullying.[22]  There is evidence that most individuals who attempt suicide do not unequivocally want to die,[23] which justifies at least minimal interference by schools.[24]

A court reviewing the subject Illinois law would typically apply intermediate scrutiny to the punishment of student speech; under this standard, the court upholds the law only if it advances some important government interest and is reasonably well-tailored to serve that interest.[25]  Ultimately, courts will be tasked with a difficult policy balancing test: the judiciary must weigh a student’s right to speech and privacy against the school’s duty to protect students from bullying and associated harms.

Illinois Public Act 098-0129, §15 would likely fail intermediate scrutiny because forcing a student to relinquish social media passwords is not a well-tailored punishment to discourage cyberbullying or vindicate the bullied victim.  The law does little to curb cyberbullying.  For instance, a student that relinquishes a social media password can easily deactivate or terminate the account in question.  From there, the same student can use similar if not completely replicated information to spawn a new account.  A student could also delete his or her account before relinquishing a social media password.  Alternatively, the account could be deleted before a school administrator has the opportunity to probe for illicit activity.

In light of the disconnect between adults’ understanding of social media and their children’s ability to harness technology to serve various ends,[26] schools should be able to narrowly censor hate speech targeted at an individual for the purpose of demeaning that individual.  Providing a school administrator with the tools to uncover what activity an individual is engaging in online could lead to discovering other antisocial behavior or the proliferation of attacks on other students by the same individual, especially since some students spend more meaningful quality time with their peers at school than with their families at home.[27]  School administrators should have more control over policing the activities of their students due to the amount of time and influence a child’s peers has on him or her while outside of the parents’ supervision.

Although the topics underlying hate speech likely garner unanimous admonishment—degradation via sexual orientation, gender, socioeconomic status, intelligence, race, or national origin—defining exactly what types of statements are worthy of denunciation places school teachers and administrators in a position of judging speech beyond the context of the original conversation, and without knowledge of the parties’ previous interactions.  This triggers despotic notions regarding the power of school disciplinarians.  Speech differs wildly from generation to generation.[28]  What might be an acceptable phase or use of slang for a millennial could be considered vulgar by a member of Generation X.[29]

As Judge Posner noted in American Amusement Mach. Ass’n v. Kendrick, children have First Amendment rights because people are unlikely to become well-functioning, independent-minded adults and responsible citizens if they are raised in an intellectual bubble.[30]  Curtailing students’ speech by forcing them to surrender their social media passwords places them at a social disadvantage and could stunt their social growth.  To say that an individual can merely turn off his or her computer ignores the reality that using computers nowadays is a natural part of social interactions[31] in the way members of Generation X interacted on school playgrounds.  Illinois Public Act 098-0129, §15 is a superficial attempt to rectify the cyberbullying problem without addressing why a student is bullying in the first place.

Obtaining access to an individual’s Facebook page does not solve the cyberbullying problem.  Rather, it adds to the issue by neglecting to address the causes and effects of cyberbullying.  The technologies, mediums, and platforms are not at fault for allowing the spread of offending student messages; it is the messages themselves that must be addressed:

The tendency is to believe that if we control technologies, negative student comments and attitudes will go away.  We cannot snuff out the attitudes that inform the expression.  To make cyber-bullying go away, we need to educate young people and engage in dialogue that helps them arrive at their own conclusions about what ethical expression ought to comprise.[32]

What methods of recourse does a school have?  To survive intermediate scrutiny review, the procedure does not necessarily have to be the least restrictive means, but the school should consider less invasive punishments.[33]  For instance, threatening to memorialize the incident in the individual’s permanent file might have a profound effect on the bullying student if that individual seeks to pursue higher education. Or, the school can warn that criminal charges are possible.[34]  Alternatively, the school could mandate a mediation session between the bully and victim to assist both students in individualizing and recognizing the other.  The school should pursue a method that avoids alienating the bullying student because antisocial behavior could be a warning sign of something potentially more serious in the future.  Students that misbehave are often students with academic difficulties,[35] so ignoring this fact could mask the true root of the problem.  If a school cannot protect a student from cyberbullying, parents might file a lawsuit on behalf of the minor child.  Civil remedies provide causes of action that may be triggered by a bully’s harassment; legal action against the aggressor can include an action in defamation, invasion of privacy, a public disclosure of a private fact, invasion of personal privacy, and intentional infliction of emotional distress.[36]

Another alternative is to compel empathy from the bullying student.  The bullying student could be presented with the opportunity to choose presenting in a seminar, or suspension from school and a mark in the student’s permanent file.  The seminar option could involve the bully and the victim with several other classmates and teachers or administrators in a controlled atmosphere.  The aggressor and victim reenact the social media interactions with pauses at predetermined intervals for comment and reflection.  Young children have fewer coping mechanisms than adults, which forces them to internalize expressed sentiments, thereby illustrating the notion that they are susceptible to the effects words have.[37]  It is possible that a cyberbully has never been bullied before, or has failed to consider the effect his or her words have on the victim.

Schools must find ways to balance the privacy interests of students with the need to protect schoolchildren who are vulnerable and susceptible to bullying.  While forcing a student to provide his or her social media password is beyond the scope of a school official’s authority, alternative solutions that recognize students’ privacy exist to discourage cyberbullying. Schoolchildren have diminished privacy rights, but this does not mean that they have no rights whatsoever.[38]  The problem should focus on the message and its speaker, rather than the platform by which these messages are communicated.


*Rajendra Persaud is in his final year as a student at Hofstra School of Law. He can be reached at

[1] Jason Koebler, Illinois Says Rule-Breaking Students Must Give Teachers Their Facebook Passwords, MOTHERBOARD (Jan. 20, 2015, 5:45 PM),

[2] Hunter Schwarz, Schools Can Require Students to Hand Over Their Social Media Passwords Under Illinois Law, WASH. POST (Jan. 22, 2015),

[3] Alexandra Svokos, Illinois Is Not Actually Requiring Students to Hand Over Their Facebook Passwords, HUFFINGTON POST (Jan. 23, 2015, 6:28 PM),

[4] Illinois Public Act 098-0129, § 15, available at (emphasis added).

[5] Tinker v. Des Moines Indep. Cmty. Sch. Dist., 393 U.S. 503, 505 (1969) (“First Amendment rights, applied in light of the special characteristics of the school environment, are available to teachers and students. It can hardly be argued that either students or teachers shed their constitutional rights to freedom of speech or expression at the schoolhouse gate.”); see Karly Zande, When the School Bully Attacks in the Living Room: Using Tinker to Regulate Off-Campus Student Cyberbullying, 13 BARRY L. REV. 103, 113 (2009) (summarizing Supreme Court authority on freedom of speech in schools).

[6] Robert E. Phay, Suspension and Expulsion of Public School Students (1971) (on file with the Nat’l Org. on Legal Problems), available at

[7] Nicole P. Grant, Mean Girls and Boys: The Intersection of Cyberbullying and Privacy Law and Its Social-Political Implications, 56 HOW. L.J. 169, 197-98 (2012) (“Why is this anonymity so important? … [P]rivacy rights help individuals maintain autonomy and pursue their own individuality. Anonymity only furthers individuality by allowing people to become involved in things that they would not necessarily be able to be a part of if they were required to share their identities.”).


[9] Elizabeth M. Jaffe, Cyberbullies Beware: Reconsidering Vosburg v. Putney in the Internet Age, 5 CHARLESTON L. REV. 379, 380-81 (2011).

[10] Genevieve Lakier, The Invention of Low-Value Speech, HARV. L. REV. __, (forthcoming 2015) (manuscript at 8), available at

[11] Chaplinsky v. New Hampshire, 315 U.S. 568, 571-72 (1942).

[12] Ruth N. Bolton, Understanding Generation Y and Their Use of Social Media: a Review and Research Agenda, 24 (3) J. SERV. MGMT. 245 (2013) (“[Generation Y is] the first generation to have spent their entire lives in the digital environment; information technology profoundly affects how they live and work.”), available at

[13] Dan Seitz, Cyberbullying Is Not The Same Thing As Real World Bullying, Okay?, UPROXX (June 13, 2012),

[14] Sameer Hinduja & Justin W. Patchin, Cyberbullying Research Summary: Cyberbullying and Suicide (2010) (on file with the Cyberbullying Research Ctr.), available at

[15] United States v. Kelner, 534 F.2d 1020, 1027 (2d Cir. 1976) (defining threats as “unequivocal, unconditional and specific expressions of intention immediately to inflict injury”).

[16] Katherine Bindley, New Jersey Student Sues School Districts over Alleged Bullying, HUFFINGTON POST (Mar. 18, 2013),; Elisa Jaffe, Bullied Teen Sues Enumclaw School District for $1.2M, KOMONEWS (Oct. 15, 2014); Stacey Sager, Bullied Teen Wins Settlement Against Farmingdale School District, 7ONLINE (Jan. 21, 2015),

[17] Phay, supra note 7, at 3.

[18] David P. Farrington & Maria M. Ttofi, School-Based Programs to Reduce Bullying and
Victimization 7 (October 31, 2009) (on file with the Campbell Collaboration Crime & Justice Grp.), available at

[19] See Brian P. Stern & Thomas Evans, Cyberbullying: an Age Old Problem, a New Generation, 59, 5 R.I. Bar J. 1, 21 (2011), available at (discussing cyberbullying as a form of harassment); see also Ted Feinberg, & Nicole Robey, Cyerbullying: Intervention and Prevention Strategies (2010) (on file with the Nat’l Ass’n of Sch. Psychologists), available at (detailing types of cyberbullying).

[20] What is Cyberbullying?, STOPBULLYING.GOV, (last visited Apr. 3, 2015).

[21] Stop Cyberbullying Before It Starts (on file with the Nat’l Crime Prevention Council), available at (last visited Apr. 3, 2015).

[22] Hinduja & Patchin, supra note 14; see also Liam Hackett, The Annual Cyberbullying Survey 2013, DITCH THE LABEL, available at (last visited Feb. 24, 2015) (reporting that in a survey of over 10,000 young people surveyed, seven in ten are victims of cyberbullying).

[23] Alex Lickerman, The Six Reasons People Attempt Suicide, PSYCHOLOGY TODAY (Apr. 29, 2010),; see PAUL R. ROBBINS, ADOLESCENT SUICIDE 48-49 (1998) (analyzing suicide among adolescents in the United States); EDWIN SHNEIDMAN, SUICIDE AS PSYCHACHE: A CLINICAL APPROACH TO SELF-DESTRUCTIVE BEHAVIOR 12-13 (1993) (“Suicide may be said to be an interpersonal and certainly an intracultural event. But in its essence suicide is always an individual occurrence.”).


[25] Ashutosh Bhagwat, The Test That Ate Everything: Intermediate Scrutiny in First Amendment Jurisprudence, 2007 U. ILL. L. REV. 783, 801 (2007).



[28] Michael W. Stockham, Slang, Generation Gaps, and Deciding What is Defamatory (2005) (on file with Thompson & Knight), available at,%20Generation%20Gaps.pdf.

[29] See, e.g., STEFAN H. KRIEGER & RICHARD K. NEUMANN, JR., ESSENTIAL LAWYERING SKILLS 94 (4th ed. 2011) (“O.K.” can mean two different things. It can be a throwaway transition word, and it can mean “That’s good.”).

[30] Am. Amusement Mach. Ass’n v. Kendrick, 244 F.3d 572, 577 (7th Cir. 2001).

[31] Bolton, supra, note 12.


[33] See generally James F. Ianelli, Punishment and Student Speech: Straining the Reach of the First Amendment, 33 HARV. J.L. & PUB. POL’Y 885 (2010) (assessing the relationship of the First Amendment to punishing student speech).

[34] S. Cal Rose, From LOL to Three Months in Jail: Examining the Validity and Constitutional Boundaries of the Arkansas Cyberbullying Act of 2011, 65 ARK. L. REV. 1001, 1010 (2012).

[35] Robert E. Phay & Jasper L. Cummings, Jr., Student Suspensions and Expulsions: Proposed School Board Codes 8 (1970) (on file with the Inst. of Gov’t, University of North Carolina at Chapel Hill), available at

[36] Nancy Willard, Educator’s Guide to Cyberbullying and Cyberthreats, (2007) (on file with the Ctr. for Safe and Responsible Use of the Internet), available at


[38] New Jersey v. T.L.O., 469 U.S. 325, 339 (1985) (“[S]choolchildren may find it necessary to carry with them a variety of legitimate, noncontraband items, and there is no reason to conclude that they have necessarily waived all rights to privacy in such items merely by bringing them onto school grounds.”).

Here Come the Teamsters: A Unionized Future for Tech Employees

By Matthew R. Lowe*

I. Introduction

Since the biggest tech giants came onto the scene, Silicon Valley has seen a tension between the companies and labor unions due to an arguable lack of employee representation.[1]  While there are numerous hypotheses for why unions have been unable to infiltrate the tech sphere, one of the most compelling explanations has been the simply technology-averse attitude of unions.  However, on March 12, 2015, Facebook agreed to a contract proposed by Teamsters Local 853 on behalf of shuttle bus drivers.[2]  The agreement could signal a major change in the landscape of employer-employee relations in the technology sector.

II. Background

A. Overview: The Changing Landscape of Employer-Employee Relations

The general employer-employee dynamic is in flux due in large part to the Obama administration.  Recently, the White House proposed a rule modifying the Employee Retirement Income Security Act (ERISA) of 1974, designed to “crack down on irresponsible behavior in today’s market for financial advice by better aligning the rules between employer-based retirement savings plans and IRAs.”[3]  In 2009, the Employee Free Choice Act was introduced into both chambers of the U.S. Congress[4] in order to remove the present right of the employer to demand an additional, separate ballot when more than half of employees have already given their signature supporting the union.[5]  Many companies have expressed serious apprehension about the possible implications of these changes.  The Teamsters union has been seeking to organize many of these companies, such as FedEx and Facebook, and the changes would make it easier for them to do so.  In response, these companies have threatened to scale back drastically in order to compensate for potential losses.[6]

B. Uber & Lyft

For quite some time, tech companies and labor unions have clashed.[7]  Until recently, none of the major tech companies had unionized employees.[8]  Much of the tension between tech companies and unions is derived from what can be construed as an adversity to technology on the part of unions.[9]  Companies like Uber and Lyft, which use mobile applications to connect passengers and cab drivers, have been under siege due to labor disputes.[10]  Currently, two lawsuits brought forth by drivers of the companies are seeking reclassification so that they are protected as employees as opposed to independent contractors.[11]  Earlier this year, the judges overseeing these matters decided that the cases would have to be decided by juries following Uber and Lyft unsuccessfully arguing that their drivers are independent contractors.[12]  If the drivers succeed in the courts, Uber and Lyft may have to change their business models entirely.

Generally, startups are able to develop more affordably and with less bureaucratic resistance when they are free to hire and maintain independent contractors.  When Uber and Lyft developed, they did so relying on and budgeting for independent contractors.[13]  Classified as employees, the drivers will be far more expensive to maintain, thus likely cutting largely into the companies’ revenue streams.  Employers “must withhold income taxes, withhold and pay Social Security and Medicare taxes, and pay unemployment tax on wage-paid” full-time employees.[14]  Further, employees would be able to organize formally.  As of 2014, Southern California Uber drivers have unofficially aligned with a local Teamsters union.[15]

C. Tech Companies and Immigration Reform

Tech companies and startups alike rely not only on independent contractors, but on foreign labor as well.  The issue with outsourcing is one that continues to be at the forefront of political discourse.[16]  Still, tech companies value high-skilled foreign labor, especially foreign engineers, whom the tech industry has continually fought to make it easier to hire.[17]  Expectedly, unions have aggressively spoken out against such efforts.  In 2013, a legislative representative for the American Federation of Labor and Congress of Industrial Organizations (AFL-CIO) stated, “The tech industry is, frankly, being greedy.  They are … blatantly trying to roll back requirements that give high-skilled American workers a fair shot at getting a job.”[18]

Recently, the Obama administration announced a new rule that would allow work permits to be provided to qualified spouses of highly skilled immigrants who are in the United States on temporary visas.[19]  This rule has been sought out by tech companies and other businesses in general.[20]  The change will primarily affect temporary workers from India and China and represents an effort both to help create jobs and to reform what has been widely acknowledged as a dysfunctional immigration system.[21]

D. Opening the Gates to Unions

In November of 2014, shuttle bus drivers under the employ of Facebook joined with the Teamsters Local 853.[22]  The alignment came amidst the drivers’ complaints of being underpaid, overworked, and unfairly compensated for time on the job.[23]  In February, the two entities formulated a union contract that was unanimously agreed upon prior to proposal.[24]  In March, Facebook accepted the terms, which included an increase in average pay “from $18 an hour to $24.50 an hour.”[25]  Other benefits include “11 paid holidays, up to five weeks of paid vacation, paid bereavement leave, paid health care for full-time workers and their families, guaranteed overtime and more.”[26]  While Facebook has set an example, it is not the only major tech company implementing improved working conditions for its employees.  Apple and Google will also be providing increased hourly pay and benefits to its shuttle drivers.[27]  Compass Transportation employees who shuttle Apple, Yahoo, eBay, Zynga, Genentech, and Amtrak have unionized recently.[28]

III. Analysis

Perhaps the shifting labor and employment landscape in Silicon Valley is indicative of a future wherein unions play a larger role in tech companies’ affairs; however, questions remain as to whether labor unions would be a good idea for developed startups and who is likely to be unionized within these startups.  As of now, drivers have been successful in either pushing forth important lawsuits, as in Uber and Lyft’s cases, or they have executed union contracts, as with Facebook.  Whether engineers, for example, will be successful in yielding similar achievements or whether they even want to do so is uncertain.

Labor unions are typically brought in to assist in improving working conditions for laborers, but startup companies are generally known for taking great care of their employees.  Google and Facebook both made Forbes’ “20 Best Places to Work in 2015” list and it is no wonder.[29]  These companies not only innovate the products of tomorrow, but they also have a hand in innovating the work environment.[30]  They are able to recruit attractive talent through “[c]ushy salaries, luxurious dining amenities, and decentralized management structures.”[31]

Even for less elite and renowned companies, labor unions could harm a natural flow that exists within the tech industry.  Specifically, there has been a longstanding reliance on freelance-type workers, especially in the development process.[32]  While this preference may signal a potentially exploitative nature on the management side of relations, it is one that has been beneficial to laborers as well.  As the tension between unions and tech companies began to crystalize as far back as 2001, Alvin Bost, a freelance web designer, told CNET that he thought “unionization would ruin the free spirit and innovation in the high-tech industry,” and went on further to note that it would be terrible for people like him.[33]  Designers, engineers, and other contract workers enjoy a level of agency that allows them, as the term “freelance” itself suggests, to move freely from company to company, thus emphasizing an important and characterizing feature of the industry: choice. Tim Colson, a software engineer, noted of working conditions that “about the only detriment [can be] the long hours” but laborers are usually “compensated in some way for the effort,” and “if a particular environment isn’t acceptable, you can simply move on.”[34]  An employment attorney in Palo Alto, Victor Schachter, said over a decade ago that “employees are going to be very reluctant (to organize) when they see the obligation of dues and the possibility of strikes and the realities of what collective bargaining is … in the end, very few, if any, of these companies will find that they have union-represented employees.”[35]  To this day, his prediction seems to hold true.

On the other hand, labor unions may be able to find a foothold with service-level workers, such as janitorial staff, who are not able to share in the wealth, prosperity, and growth of the tech industry[36] and expand from there.  As of now, there is evidence to suggest that booms in the industry benefit engineers and investors primarily, with very little trickling down to workers not at the top of the wage pyramid.[37]  Drivers, for example, seek collective bargaining for the purpose of keeping up with the rising cost of living in the Bay Area.[38]  One of Facebook’s shuttle bus drivers, Jimmy Maerina, illustrated this when he stated that he is happy to be able to live where he wants and to also “be able to put some food on the table.”[39]

IV. Conclusion

The tech industry as a whole presents a very unique platform for labor and employment relations.  This platform has paved the way for various innovations from work environment modernization to comprehensive immigration policy reform.  Still, what makes the industry particularly unique is its relationship—or lack thereof—with labor unions.  For decades, Silicon Valley has thrived with minimal union influence.  However, as the labor and employment field continues to make notable shifts, unions may be able to reformulate their tactics and develop an effective strategy for gaining a foothold in the industry through service employees.  The need for companies to provide for and maintain their service workers is acknowledged by both the workers, like drivers for Uber, Lyft, and Facebook, and management, like Facebook, Google, and Amazon.  With a greater occupation within the tech sphere, unions may be able to expand their influence, thus potentially changing not only the procedural characteristics of the industry, but perhaps entire business models as well.


*J.D., University of Illinois College of Law, expected 2017. B.A., English and Political Science, University of Massachusetts-Amherst, 2012. I would like to thank the board of the Journal of Law, Technology, and Policy for giving me the opportunity to contribute this piece. Special thanks are given to Andrew Lewis and Iman Naim for all of their advice that went into writing this piece. I also would like to thank my mentors for their ongoing and invaluable guidance: Allison Maue and Professor Paul Healey. Finally, a huge thank you always to my parents, Chrissalee and Lesly, and my sister, Victoria, for their constant encouragement.

[1] Gregory Ferenstein, Why Labor Unions And Silicon Valley Aren’t Friends, In 2 Charts, TECH CRUNCH (Jul. 29, 2013),

[2] Queenie Wong, Facebook Approves Union Contract for Shuttle Bus Drivers, SILICON BEAT (Mar. 12, 2015, 4:28 PM),

[3] Press Release, White House: Office of the Press Secretary, FACT SHEET: Middle Class Economics: Strengthening Retirement Security by Cracking Down on Backdoor Payments and Hidden Fees, WHITE HOUSE (Feb. 23, 2015), available at

[4] Steven Greenhouse, Fierce Lobbying Greets Bill to Help Workers Unionize, NY TIMES (Mar. 10, 2009),

[5] Christopher Beam, Uncivil Union: Does Card Check Kill the Secret Ballot or Not?, SLATE (Mar. 10, 2009, 7:09 PM),

[6] Alex Roth, FedEx Threatens to Cancel Jet Orders: Package-Delivery Company Puts Boeing Order in Question over Bill to Make Unionizing Easier, WALL ST. J., (last updated Mar. 25, 2009, 12:01 AM).

[7] Ferenstein, supra note 1.

[8] Id.

[9] Id.

[10] Maya Kosoff, How Two Lawsuits Could Destroy Uber and Lyft’s Business Models – and Set a Precedent for the Rest of the Sharing Economy, BUS. INSIDER (Mar. 12, 2015, 10:12 AM),

[11] Id.

[12] Id.

[13] Id.

[14] Independent Contractor (Self-Employed) or Employee?, IRS, (last updated Oct. 2, 2014).

[15] Press Release, Int’Press Release, Intr, UBER Drivers In Southern California Form Association with Teamsters Local 986 (Aug. 27, 2014), available at

[16] Chris Isidore, Rick Perry: ‘Unemployment Rate Is a Sham’, CNNMONEY (Feb. 27, 2015, 4:37 PM),

[17] Gregory Ferenstein, Major Union Calls Tech Industry news/eco for Wanting to End Hiring Wait Period for Immigrants, TECH CRUNCH (May 17, 2013),

[18] Id.

[19] Julia Preston, Rule Change Sought by Tech Firms Will Allow Some Spouses of Immigrants to Work, NY TIMES (Feb. 24, 2015),

[20] Id.

[21] Id.

[22] Kristen V. Brown, Facebook Bus Drivers Unanimously OK Union Contract, SFGATE (Feb. 23, 2015, 6:31 PM),

[23] Id.

[24] Id.

[25] Id.

[26] Wong, supra note 2.

[27] Id.

[28] Id.

[29] Kathryn Hill, The Best Places to Work in 2015, FORBES (Dec. 10, 2014, 10:43 AM),

[30] Mariana Simoes, Why Everyone Wants to Work at Big Tech Companies, BUS. INSIDER (Feb. 7, 2013, 4:12 PM),

[31] Ferenstein, supra note 1.

[32] Id.

[33] Troy Wolverton, High Technology Discovers Unions, ZD NET (Jan. 18, 2001),

[34] Id.

[35] Id.

[36] Amy B. Dean, A Rising Silicon Valley Doesn’t Lift All Boats, AL JAZEERA (Mar. 9, 2015, 1:45 AM),

[37] Id.

[38] Wong, supra note 2.

[39] Id.

Privacy and Security on the Internet

By Thomas Guzman*

I. Introduction

The Internet has changed how people get information, purchase goods, and interact with one another.  The Internet has been labeled a human right by the United Nations,[1] and Hilary Clinton has identified Internet freedom as a core value in line with freedoms of expression.[2]  Governments have struggled with questions about how to regulate the Internet.  Lately, the Internet regulatory debate has centered around privacy on the web and security on the web.  The two debates are more inextricably intertwined than may appear at first glance.  Can there be complete privacy on the Internet while maintaining enough cyber awareness to ward off potential threats?

II. Background

In a recent New York Times article, Howard E. Shrobe, a computer science professor at the Massachusetts Institute of Technology, is quoted as saying, “[t]he software we run [on the internet], the programming language we use, and the architecture of the chips we use haven’t changed much in over 30 years….[e]verything [on the internet] was built with performance, not security, in mind.”[3]

Since Edward Snowden released troves of information shedding light on the National Security Agency (NSA) data collection methods, privacy on the internet has been a much discussed topic.  Concerns center on governmental activity monitoring their own citizens’ data in the United States.

Prior to Edward Snowden’s disclosures, the Obama administration had already begun examining policy solutions to use data gathered from government entities to protect U.S. critical infrastructure for national security purposes.[4]

A. Snowden Sparks a Debate on Privacy

In 2013, a former contractor for the NSA, Edward Snowden, released thousands of documents to the media, giving the public a look into the secretive practices of the NSA.[5]  Snowden’s leaks showed the breadth and depth of NSA data collecting practices on both foreign nationals and U.S. citizens located domestically.  Snowden cited civil liberties as his primary motive for disclosing classified information.[6]  If Snowden wanted to spark a public debate on the merits of government data collection practices, he was certainly successful.

Following Snowden’s leaks, James R. Clapper, Director of National Intelligence, apologized for previously lying to Congress.  When asked if the NSA collected any type of data on millions of Americans, Clapper replied “no, sir.”[7]  U.S. District Court Judge Richard Leon said that the agency’s controversial program appears to violate the Constitution’s Fourth Amendment, which protects Americans against unreasonable searches and seizures.[8]  The program collects records of the time and phone numbers involved in every phone call made in the U.S., and allows that database to be queried for connections to suspected terrorists.  “I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying it and analyzing it without judicial approval,” wrote Leon, a George W. Bush appointee, in the ruling.[9]  The Supreme Court denied a writ of certiorari to hear the case.[10]

A White House-appointed review panel recommended that the government cease storing call data on hundreds of millions of Americans.[11]  President Obama acknowledged the dialogue surrounding NSA data collection and civil liberties arose at least in part due to Snowden’s disclosures.[12]

Snowden’s disclosures also raised the issue of privacy on the Internet abroad.  Brazilian President Dilma Rousseff championed legislation in her home country that has been touted as an internet bill of rights which limits the metadata that can be collected on Brazilians and promotes access to the Web.[13]

Whether or not the effects of Snowden’s disclosures are positive or negative may be one of opinion.  What cannot be undermined, however, is the rise in awareness of the scant privacy available on the Internet.  While Snowden’s actions led to a whiplash reaction to denounce the NSA’s overreach, which was compounded by the NSA falsely attributing averted terrorist attacks to the data collected, there are more considerations and factors weighing into the merits of monitoring web traffic.

B. Critical Infrastructure Concerns

In a 2013 report to Congress, the Department of Defense accused China of accessing and collecting data on U.S. diplomatic, economic and defense industries.[14]  U.S. accusations were corroborated by a report by Mandiant, a cyber-security firm, which came to similar conclusions.[15]  The accusations from Mandiant and the Defense Department demonstrated the vulnerability to U.S. national security interests against cyber-attacks.

Attempts to pass legislation to address cyber security concerns of private industry critical to national interests have stalled, especially after Snowden’s disclosures.[16]  As a result, President Obama signed an Executive Order in February 2013 that directed the Department of Homeland Security to create a national framework that reflects the increasing role of cyber security in securing physical assets.[17]  “Much of our critical infrastructure – our financial systems, power grids, pipelines, health care systems – run on networks connected to the internet, so this is a matter of public safety and of public health,” President Obama stated in January 2015 while introducing a renewed efforts to pass cyber security reform.[18]

C. Sony

In November 2014, Sony Pictures Entertainment suffered a massive cyber-attack that exposed terabytes of information including personally identifiable information (PII) of Sony employees, emails, and unreleased movies.[19]  On November 24, 2014, Sony became aware of the breach when an ominous red skull with a warning that Sony’s secrets were about to be released appeared on computers at Sony. It is unclear when Sony’s systems became compromised.[20]  A group calling itself “Guardians of Peace” took credit for the attack.  On December 19, 2014, the U.S. Federal Bureau of Investigations (FBI) concluded that North Korea was behind the attack on Sony.[21]

On December 16, 2014, Guardians of Peace, the group claiming responsibility for the hack, posted terrorist threats online directed at movie theaters if they played Sony’s motion picture “The Interview.”[22] The movie is a comedy, which includes a scene depicting the North Korean dictator Kim Jong Un being killed.  In June 2014, North Korea wrote to the Secretary General of the U.N. stating that the distribution of the movie should be regarded as an act of war.[23]

It should be noted however, that Norse, a private cyber security firm, also investigated the Sony hack and found no evidence of North Korea being responsible.[24]

Regardless of who is ultimately responsible, the cost of Sony’s hack is estimated to be upwards of $300 million.[25]

III. Analysis

“You have zero privacy anyway. Get over it,” the co-founder and chief executive of Sun Microsystems, Scott McNealy, said in response to growing concerns of consumer privacy in 1999.[26]  As abrasive as he was, McNealy’s inelegant comment seems eerily prescient sixteen years after the fact.  Every website a user visits is logged, and every post and online purchase leaves a trace of a user’s online presence.[27]  Every email sent via Google’s ubiquitous Gmail service is scanned for data for potential advertisers.[28]  With a $395 billion dollar company built on a principle of data mining and advertising, what chance does online privacy really stand?

Edward Snowden confirmed the notion that “big brother” is watching that existed long before 2012.  As early as 2004, when Facebook was a small website for college students to interact, there was an implicit understanding of the importance of protecting your online image.  There is no doubt that some information posted on the internet should be private, particularly in the case of credit card numbers used for online purchasers.  There is also clearly some information that is not private at all, such as public tweets, which are now being collected by the Library of Congress.[29]  Legal scholars will need to develop theories about all the information that falls between these two examples to determine what online information should be openly accessible and attributable and the information which should require a warrant to be admissible against a citizen.

Do the ends of protecting critical infrastructure from potentially massive disruptions, or preventing potential terrorist attacks through the means of meta-data collection justify NSA practices?  This must be considered while weighing the merits of online data privacy.

Despite the difficulties, online anonymity may be a winning bargain for privacy advocates and policy makers.  Protecting the U.S. economy and national security are goals too large to completely cease metadata collection, but with clear guidelines in place anonymity can be maintained until there is an established need to identify a person of interest.

As Dr. Shrobe stated, the Internet was built with performance in mind not security, so when the need to identify potential persons of interests arises there should be clear guidelines in place to authorize removing the veil of anonymity.[30]  The guidelines should serve as the basis for a preemptive warrant to protect against violations of citizen’s Due Process rights.  As the White House-appointed panel recommended, the government should cease storing call data on hundreds of millions of Americans – or at least cease storing data indefinitely.[31]

Sony is a private example of larger security concerns that come with an open Internet.  The costs Sony has incurred and the publicity of the attack may serve to raise awareness around cyber security.  A federal policy solution to protect industries not critical to national security interests may be a bridge too far, but private companies should begin to factor in cyber security as a cost of doing business in the Internet age, or risk being the next victim of a $300 million cyber-attack.

IV. Conclusion

The Internet has performed exceedingly well in connecting the world and delivering information quickly.  If the Internet was built with performance in mind, as Dr. Shrobe stated, it may be time to consider what the Internet should evolve into.  The Internet as a security-less means of accessing data may prove to be an economic costly proposition that is potentially detrimental to national security.  Private companies can hire cyber security firms to manage their networks and protect against potential cyber intrusions, but the threat of cyber-attacks will not be completely eliminated.  In order for the Internet to meet the challenges of the intricately connected world that it helped to create, it must evolve to become a safer medium through which businesses and governments operate.  Until then, we can remember McNealy’s words every time we log onto an Internet connection and “get over” our lack of privacy.  At least we can cross our fingers for anonymity on the web.


*J.D. Candidate, University of Illinois College of Law, expected 2017. B.A. Political Science, University of Illinois at Chicago, 2011.  I would like to thank the entire team at the Journal of Law Technology and Policy for their help on this piece.

[1] David Kravets, U.N Report Declares Internet Access a Human Right, Wired (June 3, 2011),

[2] Harichandan Arakali, Hillary Clinton Calls Internet Freedom ‘Core Value’ at Dreamforce Conference, Int’l Bus. Times (Oct. 15, 2014),

[3] Nicole Perlroth, Reinventing the Internet to Make it Safer, N.Y. Times (Dec. 2, 2014, 9:25 PM),

[4] President Barack Obama, Op-Ed., Taking the Cyberattack Threat Seriously, Wall St. J. (Jul. 19, 2012, 7:15 PM),

[5] Glenn Greenwald, Edward Snowden: The Whistleblower Behind the NSA Surveillance Revelations, Guardian (Jun. 11, 2013, 9:00 AM),

[6] U.S. Domestic Surveillance, Council on Foreign Rel. (Dec. 18, 2013),

[7] Aaron Blake, Sen. Wyden: Clapper Didn’t Give ‘Straight Answer’ on NSA Programs, Wash. Post (Jun. 11, 2013),

[8] Klayman v. Obama, 957 F. Supp. 2d 1, 42 (D.D.C. 2013).

[9] Id.

[10] Klayman v. Obama, 134 S. Ct. 1975 (2014).

[11] Richard A. Clarke, et al., Liberty and Security in a Changing World, White House 161 (Dec. 12, 2013),

[12] Office of Press Secretary,  Remarks by the President on the Review of Signals Intelligence, White House (Jan. 17, 2014, 11:15 AM),

[13] Stan Lehman, Brazil Passes an Internet “Bill of Rights”, San Jose Mercury News (Apr. 23, 2014, 10:04 AM),

[14] Office of the Secretary of Defense, Military and Security Developments Involving the People’s Republic of China 2013, Defense 36 (2013),

[15] David Sanger, David Barboza, Nicole Perlroth, Chinese Army Unit Is Seen as Tied to Hacking Against U.S., N.Y. Times (Feb. 18, 2013),

[16] Ryan Tracy, Cybersecurity Legislation Gets Renewed Push From Financial Firms, Wall St. J. (Nov. 13, 2013, 6:22 PM),

[17] Strengthening Security and Resilience of the Nation’s Critical Infrastructure, Department Homeland Security (Aug. 6, 2013),’s-critical-infrastructure.

[18] Obama Pushes Cybersecurity Legislation, N.Y. Times (Jan. 13, 2015),

[19] Todd Vanderwerff, The 2014 Sony Hacks, Explained, Vox (Jan. 20, 2015),; Andrew Wallenstein & Brent Lang, Sony’s New Movies Leak Online Following Hack Attack, Variety (Nov. 29, 2014, 6:37 PM),; Letter from Sony Pictures, toSony Pictures Entertainment Employees (Dec. 8, 2014), available at

[20] Kim Zetter, Sony Got Hacked Hard: What We Know and Don’t Know So Far, Wired (Dec. 3, 2014, 4:02 PM),

[21] FBI Statement: ‘We conclude that North Korean Government is Responsible’, Guardian (Dec. 19, 2014),

[22] Ben Child, Hackers Demand Sony Cancel Release of Kim Jong-Un-Baiting Comedy, Guardian (Dec. 9, 2014, 6:43 AM),

[23] Michelle Nichols, Bernadette Baum, North Korea Complains to U.N. About Film Starring Rogen, Franco, Reuters (Jul. 9, 2014, 1:38 PM),

[24] Tal Kopan, U.S.: No Alternate Leads in Sony Hack, Politico (Dec. 29, 2014, 7:41 PM),

[25] Annie Lowery, Sony’s Very, Very Expensive Hack, N.Y. Mag. (Dec. 16, 2014, 5:47 PM),

[26] Polly Sprenger, Sun on Privacy: ‘Get Over It’, Wired (Jan. 26, 1999),

[27] Mary Madden, et al., Digital Footprints: Online Identity Management and Search in the Age of Transparency,  Pew Internet & American Life Project, (Dec. 16, 2007, 4:00 PM),

[28] Samuel Gibbs, Gmail Does Scan All Emails, New Google Terms Clarify, Guardian (Apr. 15, 2014),

[29] Library of Congress is Archiving All Of America’s Tweets, Bus. Insider (Jan. 22, 2013),

[30] Perlroth, supra note 3.

[31] Richard A. Clarke, et al., supra note 11.